Allot: Users aware of mobile malware threats, but slow to adopt …

Mobile users are aware of online threats and a significant number have experienced a mobile malware attack in the past 12 months, according to a new survey by Allot Communications.

Allot found that 68% of surveyed mobile users are aware of malware and within that 68%, one in seven had experienced a mobile malware attack. But they don’t necessarily know where to turn when they do. When they are faced with a malware attack, most people — 35 percent — contacted no one for help. Meanwhile, 26% contacted their service provider for assistance and another 26% contacted the app developer.

Nearly 90% of mobile users don’t pay for device protection for their wireless devices, Allot reported, but 61% of them said that they would be interested in buying that type of service from their carrier.

Allot’s survey was based on a self-selected sample of 2,150 mobile users from around the world.

Malware was a rising threat during 2016, with variants like ransomware — where a device owner is locked out of the device and its information, with money demanded for returning to normal operations — capturing headlines. In MacAfee’s 2016 Mobile Threat Report, the company noted that “over the last year we have seen a dramatic increase in not only the number of new malware, but also an increase in sophistication and complexity” and that ransomware was starting to target Android mobile devices, often accompanied by a false legal threat to discourage victims from contacting anyone for help.

“Cybercriminals are now using attacks and techniques initially targeted at desktop users in the mobile channel,” wrote Tom Mulvehill, program director for mobile security at IBM, in a blog entry in mid-2016. He added that “the risk from mobile malware is real.”

A new report from mobile security firm MobileIron, which focuses on enterprise IT security, cited a number of significant malware infections during 2016, including the Godless malware, which infected an estimated 850,000 devices; and Hummingbird, which infected almost 85 million devices.

“The apparent goal of both malware families was to drive fraudulent ad revenue,” MobileIron noted, but went on to say that “However, what is more more notable — and sinister — is that they contained exploits that attempt to “root” devices over the air without the user’s knowledge, thus giving attackers full control of an infected device. … Mobile malware has evolved beyond data exfiltration and can now take over the whole device. Although mobile devices have many inherent security features, such as sandboxing, some types of attacks can bypass those features. These types of malware effectively take control away from the user and put it into the hands of the attacker.”

MobileIron also noted that within the enterprise, “despite the rise in high-profile mobile malware attacks, anti-malware adoption continues to remain flat with a global adoption rate of less than 5%.”